package com.coder520.mamabike.security;

import com.coder520.mamabike.bo.UserBo;
import com.coder520.mamabike.common.Const;
import com.coder520.mamabike.dao.cache.RedisDao;
import com.coder520.mamabike.pojo.User;
import com.google.common.collect.Lists;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.List;

/**
 * Created by ASUS on 2017/8/14.
 */
public class MyPreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {

    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    private List<String> noneSecurityList;

    private RedisDao redisDao;

    public MyPreAuthenticatedProcessingFilter(List<String> noneSecurityList, RedisDao redisDao) {
        this.noneSecurityList = noneSecurityList;
        this.redisDao = redisDao;
    }

    @Override
    /**预验证的主体**/
    protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {

        if(isNoneSecurityPath(request.getRequestURI())|| "OPTIONS".equals(request.getMethod())){
            GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_SOME");
            return new MyAuthenticationToken(Lists.newArrayList(grantedAuthority));
        }



        String version = request.getHeader(Const.SYSTEM_VERSION);

        String token = request.getHeader(Const.CURRENT_USER);

        if(version==null){
            request.setAttribute("head-error",Const.SecurityCode.NEED_HEIGHT_VERSION.getCode());
        }else {
            if(StringUtils.isNotBlank(token)){
                //token 存在
                UserBo userBo = redisDao.getUserBo(token);
                if(userBo!=null){
                    GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(Const.Role.BIEK_CLIENT);
                    MyAuthenticationToken myAuthenticationToken = new MyAuthenticationToken(Lists.newArrayList(grantedAuthority));
                    myAuthenticationToken.setUserBo(userBo);
                    return myAuthenticationToken;
                }
            }
            request.setAttribute("head-error",Const.SecurityCode.NEED_LOGIN.getCode());
        }
        GrantedAuthority grantedAuthority= new SimpleGrantedAuthority(Const.Role.ROLE_NONE);
        return new MyAuthenticationToken(Lists.newArrayList(grantedAuthority));
    }

    private boolean isNoneSecurityPath(String requestURI) {
        if (CollectionUtils.isNotEmpty(noneSecurityList)){
            for (String s : noneSecurityList){
                if(antPathMatcher.match(s,requestURI)){
                    return true;
                }
            }
        }
        return false;
    }

    @Override
    /**预验证证书**/
    protected Object getPreAuthenticatedCredentials(HttpServletRequest httpServletRequest) {
        return null;
    }
}
